How to compile libgcrypt.dll
Werner Koch
wk at gnupg.org
Thu Feb 10 12:37:55 CET 2005
On Wed, 9 Feb 2005 21:41:16 -0500 (EST), Anonymous said:
> practical. On a 1.6Ghz desktop machine under 'normal' load, 1024-bit
> DSA signatures take *45 seconds* to compute. This delay is unacceptable
I don't have these problems. The trick is to keep the random state on
disk so that random of quality GCRY_STRONG_RANDOM (which is sufficient
for the DSA's K as well as for session keys) does not require to
initialzie the pool from scratch.
Simply do a
gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, filename);
at startup to read the existing random seed and a
gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
right before you exit your process.
> Since it sounds like you're not a big fan of switching completely to the
> CryptoAPI, would you be interested if I wrote an improved patch to add a
No thanks.
Werner
More information about the Gcrypt-devel
mailing list